MULTI ROUTER TRAFFIC GRAPHER – MRTG

An example stand-alone tool

1

LAB!LAB!

MRTG

• Free monitoring tool that shows graphs in web pages– Optimized for traffic monitoring, but can be used to

monitor other parameters (e.g., CPU use, disk use,…)

– Graphs are updated periodically and web page reloaded

• Obtains data from SNMP agents using SNMP– It’s a SNMP manager

2

Example

MRTG configuration

• MRTG uses a configuration file, typically mrtg.cfg– Indicates which targets to monitor

– Options of the graphics (e.g., labels)

• Creation of the configuration file– Syntax is messy: mix of HTML and MRTG commands

– Usually created using the cfgmaker tool

– Can be modified manually after initially created

4

MRTG configuration

• cfgmaker --global ‘WorkDir: /mrtg/images’ --output /mrtg/run/mrtg.cfg public@router– WorkDir – directory where the graphs will be stored– mrtg.cfg – configuration file created– public@router – community @ name/IP of the device

• This command:– Accesses (SNMP GetRequest) the ifTable of the mib-

2.interfaces group of the device to monitor to find out how many and which interfaces does the device have

– Creates an entry in the configuration file for each interface

5

Excerpt of mrtg.cfg

(non-global) commands have format: command[key]:options

html that will appear in the

web pages

key identifies related commands

A global command

6

Commands

• WorkDir – directory where graphs are stored• Target – target address (hostname or IP);

– 4 = interface of ifTable to monitor; public = community; cisco = hostname

• Title – title of the web page• MaxBytes – max value the monitor variables can reach (in bytes)• Others for labels (important): YLegend, ShortLegend, …

MRTG functioning

• By default MRTG does periodic GetRequests of:– iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifInOctets.4

– iso.org.dod.internet.mgmt.mib-2.interfaces.ifTable.ifEntry.ifOutOctets.4

ifInOctets OBJECT-TYPESYNTAX Counter (…)DESCRIPTION

"The total number of octets received on the interface, including framing characters.“

ifOutOctets OBJECT-TYPESYNTAX Counter (…)DESCRIPTION

"The total number of octets transmitted out of the interface,including framing characters."

interface number

Bytes received/sent through the interface (columns of the table)

8

MRTG functioning

• By default it does the following graphs:– Daily graph with 5 minute averages

– Weekly graph with 30 minute averages

– Monthly graph with 2 hour averages

– Annual graph with 1 day averages

• How? Every 5 min. MRTG sends GetRequests to the agent– Daily graph: subtracts this value from the previous received; divides it

by 5 minutes; puts the point in the graph

– Ex: avg = (ifInOctets_i - ifInOctets_i-1)/5min

– For the other graphs the calculations are similar

9

What is this good for?

MRTG example (just 2 graphs)

10

Executing MRTG

11

• mrtg mrtg.cfg --daemon– Omitting --daemon runs it only once (good for initial debug)

these warnings are normal

Index

• Recall: cfgmaker creates one web page per interface– Each with the 4 graphs

• indexmaker creates a summary page for all targets– Each target has a graph (default: daily); clicking goes to

that target’s web page

– Issue: if it complains of dir mrtg not existing, create it

Regular expression to define which targets to

show (if many)12

Example

Monitoring other MIB objects• They typically are in pairs, like

ifInOctets/ifOutOctets

• Example: users logged in server (host resources MIB)

• There is an experimental notion of “templates” to do it automatically, but the simpler is to modify the cfg file

Monitoring other MIB objectsOIDs to monitor

• MaxBytes no longer bytes (if different for the 2 OIDs, MaxBytes1/MaxBytes2)

• Options: for data types other than counter (gauge in this case)

15

Related tools

• MRTG is built on top of the RRDTool (of the same author)

– RRDTool more versatile; many management tools built on top of it:

• Cacti - “a complete frontend to RRDTool”

– Basically an MRTG fully configurable via a web interface

• PHP Weathermap– Single-page overview of the

network status

– Percentage of occupation of link bandwidth

– Data taken from agents inall nodes

16